Abstract. The notion of computability closure has been introduced for
proving the termination of higher-order rewriting with first-order matching
by Jean-Pierre Jouannaud and Mitsuhiro Okada in a 1997 draft which
later served as a basis for the author's PhD. In this paper, we show how
this notion can also be used for dealing with β-normalized rewriting with
matching modulo βη (on patterns à la Miller), rewriting with matching
modulo some equational theory, and higher-order data types (types with
constructors having functional recursive arguments). Finally, we show
how the computability closure can easily be turned into a reduction ordering
which, in the higher-order case, contains Jean-Pierre Jouannaud
and Albert Rubio's higher-order recursive path ordering and, in the
first-order case, is equal to the usual first-order recursive path ordering.



1 Introduction 

After Jan Willem Klop's PhD thesis on Combinatory Reduction Systems (CRS)
[28,29], the interest in higher-order rewriting, or the combination of λ-calculus
and rewriting, was relaunched by Dale Miller and Gopalan Nadathur's work on
λ-Prolog [38] and Val Breazu-Tannen's paper on the modularity of confluence
for the combination of simply-typed λ-calculus and first-order rewriting [10,13].
A year later, Dale Miller proved the decidability of unification modulo βη for
"higher-order patterns" [36,37], and the modularity of termination for
simply-typed λ-calculus and first-order rewriting was independently proved by
Jean Gallier and Val Breazu-Tannen [11,12] and Mitsuhiro Okada [40], both using
Jean-Yves Girard's technique of reducibility predicates [18,19,20]. A little bit later,
Daniel Dougherty showed, by purely syntactic means (without using reducibility
predicates), that these results could be extended to any "stable" set of untyped
λ-terms [16,17], the set of simply-typed λ-terms being stable. We must also
mention Zhurab Khasidashvili's new approach to higher-order rewriting with his
Expression Reduction Systems (ERS) [27].

Then, in 1991, two important papers were published on this subject, both
introducing a new approach to higher-order rewriting: Tobias Nipkow's
Higher-order Rewrite Systems (HRS) [39,33], and Jean-Pierre Jouannaud and Mitsuhiro
Okada's Executable Higher-Order Algebraic Specification Languages [22,23].
Tobias Nipkow's approach is based on Dale Miller's result: the simply-typed
λ-calculus, which is confluent and terminating, is used as a framework for encoding
higher-order rewriting. He extends to this framework the Critical Pair Lemma.
Jean-Pierre Jouannaud and Mitsuhiro Okada's approach can be seen as a typed
version of CRS's (restricted to first-order matching). They proved that
termination is modular for the combination of simply-typed λ-calculus, a non-duplicating
terminating first-order rewrite system, and a higher-order rewrite system whose
definition follows a "general schema" extending primitive recursion. Later,
Vincent van Oostrom and Femke van Raamsdonk compared CRS's and HRS's [46]
and developed an axiomatized framework subsuming them [47,49].

The combination of β-reduction and rewriting is naturally used in dependent
type systems and proof assistants implementing the proposition-as-type
and proof-as-object paradigm [6]. In these systems, two propositions equivalent
modulo β-reduction and rewriting are considered as equivalent (e.g. P(2 + 2) and
P(4)). This is essential for enabling users to formalize large proofs with many
computations, as recently shown by Georges Gonthier and Benjamin Werner's
proof of the Four Color Theorem in the Coq proof assistant. However, checking
the correctness of user proofs requires checking the equivalence of two terms.
Hence the necessity of having termination criteria for the combination of
β-reduction and a set R of higher-order rewrite rules.

For proving the correctness of the general schema, Jean-Pierre Jouannaud
and Mitsuhiro Okada used Jean-Yves Girard's technique of reducibility
predicates. Roughly speaking, since proving the (strong) β-normalization by
induction on the structure of terms does not work directly, one needs to prove a
stronger predicate. In 1967, William Tait introduced a "convertibility predicate"
for proving the weak normalization of some extension of Kurt Gödel's system T
[43]. Later, in 1971, Jean-Yves Girard introduced "reducibility predicates" (called
computability predicates in the following) for proving the weak and strong
normalization of the polymorphic λ-calculus [18,19]. This technique can be applied to
(higher-order) rewriting by proving that every function symbol is computable,
that is, that every function call is computable whenever its arguments are.

This naturally leads to the following question: which operations preserve
computability? Indeed, from a set of such operations, one can define the
computability closure of a term t, written CC(t), as the set of terms that are
computable whenever t is. Then, to get normalization, it suffices to check that,
for every rule fl → r ∈ R, r belongs to the computability closure of l.
Examples of computability-preserving operations are: application, function calls
on arguments smaller than l in some well-founded ordering >, etc. Jean-Pierre
Jouannaud and Mitsuhiro Okada introduced this notion in a 1997 draft which
served as a basis for [8,9]. In this paper, we show how this notion can be extended
for dealing with β-normalized rewriting with matching modulo βη on patterns
à la Miller and matching modulo some equational theory.



¹ l → r is non-duplicating if no variable has more occurrences in r than it has in l.



Another way to prove the termination of R is to find a decidable well-founded
rewrite relation containing R. A well-known such relation in the first-order case
is the recursive path ordering [41,14], whose well-foundedness was initially based
on Kruskal's theorem [30]. The first attempts made at generalizing this ordering
to the higher-order case were not able to orient system T [31,32,26]. Finally,
in 1999, Jean-Pierre Jouannaud and Albert Rubio succeeded in finding such an
ordering [25] by using computability-based techniques again, hence providing the
first well-foundedness proof of RPO not based on Kruskal's theorem. This ordering
was later extended to the calculus of constructions by Daria Walukiewicz [50,51].

Although the computability closure on one hand, and the recursive path 
ordering on the other hand, share the same computability-based techniques, 
there has been no precise comparison between these two termination criteria. 
In [51], one can find examples of rules that are accepted by one criterion but 
not the other. And Jean-Pierre Jouannaud and Albert Rubio themselves use the 
notion of computability closure for strengthening HORPO. 

In this paper, we explore the relations between both criteria. We start from 
the trivial remark that the computability closure itself provides us with an
ordering: let $t \;\mathrm{CR}(>)\; u$ if $t = ft$ and $u \in \mathrm{CC}_>(t)$, where $\mathrm{CC}_>$ is the computability
closure built by using a well-founded relation > for comparing the arguments 
between function calls. Proving the well-foundedness of this ordering simply con- 
sists in proving that the computability closure is correct, which can be done by 
induction on >. Then, we remark that the function mapping > to CR(>) is 
monotone wrt inclusion. Thus, it admits a least fixpoint which is a well-founded 
ordering. We prove that this fixpoint contains HORPO and is equal to RPO in 
the first-order case. 

2 Terms and types 

We consider simply-typed λ-terms with curried constants. See [2] for details about
typed λ-calculus. For rewriting, we follow the notations of Nachum Dershowitz
and Jean-Pierre Jouannaud's survey [15].

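Let $\mathcal{B}$ be a set of base types. The set $\mathbb{T}$ of simple types is inductively defined
as usual: $T \in \mathbb{T} = B \in \mathcal{B} \mid T \Rightarrow T$.

Let $\mathcal{X}$ be a set of variables and $\mathcal{F}$ be a set of function symbols disjoint from
$\mathcal{X}$. We assume that every $a \in \mathcal{X} \cup \mathcal{F}$ is equipped with a type $\tau_a \in \mathbb{T}$. The sets
of terms of type T are inductively defined as follows:

- If $a \in \mathcal{X} \cup \mathcal{F}$, then $a \in \mathcal{T}^{\tau_a}$.

- If $x \in \mathcal{X}$ and $t \in \mathcal{T}^U$, then $\lambda xt \in \mathcal{T}^{\tau_x \Rightarrow U}$.

- If $v \in \mathcal{T}^{T \Rightarrow U}$ and $t \in \mathcal{T}^T$, then $vt \in \mathcal{T}^U$.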

As usual, we assume that, for every type T, the set of variables of type T
is infinite and consider terms up to α-conversion (type-preserving renaming of
bound variables). Let FV(t) be the set of variables free in t. Let t denote a
sequence of terms $t_1, \ldots, t_n$ of length $n = |t| > 0$.

Let $\tau(t)$ denote the type of a term t. In the following, writing $t : T$ or $t^T$
means that $\tau(t) = T$.



The set Pos(t) of positions in a term t is defined as usual as words on {1, 2}.
Let $t|_p$ be the subterm of t at position $p \in \mathrm{Pos}(t)$, and $t[u]_p$ be the term obtained
by replacing in t its subterm at position $p \in \mathrm{Pos}(t)$ by u.

A term is algebraic if it contains no abstraction and no subterm of the form 
xt. A term t is linear if no variable free in t occurs more than once in t. 

The β-reduction is the closure by context of the relation $(\lambda xt)u \to_\beta t_x^u$ where
$t_x^u$ denotes the higher-order substitution of x by u in t.

A rewrite rule is a pair of terms $l \to r$ such that l is of the form fl, $\mathrm{FV}(r) \subseteq \mathrm{FV}(l)$
and $\tau(l) = \tau(r)$. Given a set R of rewrite rules, let $\to_R$ be the closure
by context and substitution of R. Hence, matching is modulo α-conversion (but
α-conversion is needed only for left-hand sides having abstractions). A rule $l \to r$
is linear (resp. algebraic) if both l and r are linear (resp. algebraic).

Given a relation $\to$ on terms, let and $\to^*$ be its inverse, its reflexive
closure and its reflexive and transitive closure respectively. Let also
$\to(t) = \{t' \in \mathcal{T} \mid t \to t'\}$ be the set of reducts of t, and $\mathrm{SN}(\to)$ (resp. $\mathrm{SN}^T(\to)$) be the set of
terms (resp. of type T) that are strongly normalizable wrt $\to$. Our aim is to prove
the termination (strong normalization, well-foundedness) of $\to \,=\, \to_\beta \cup \to_R$.

Given a relation >, let $>_{lex}$, $>_{mul}$ and $>_{prod}$ respectively denote the
lexicographic, multiset and product extensions of >. Note that all these extensions
are well-founded whenever > is well-founded.

3 Computability 

In this section, we recall the notion of computability predicate introduced by
William Tait [43,44] and extended by Jean-Yves Girard with the notion of
neutral² term [19,20]. Every type is interpreted by a set of computable terms of that
type. Since computability is defined so as to imply strong normalization, the
latter is obtained by proving that every term is computable.
In the following, we assume given a set R of rewrite rules.

Definition 1 (Reducibility candidates). A term is neutral if it is of the
form $xv$ or of the form $(\lambda xt)uv$. Let $\to \,=\, \to_\beta \cup \to_R$. A reducibility candidate for
the type T is a set P of terms such that:

(1) $P \subseteq \mathrm{SN}^T(\to)$.

(2) P is stable by $\to$: $\to(P) \subseteq P$.

(3) If $t : T$ is neutral and $\to(t) \subseteq P$, then $t \in P$.

Let $\mathcal{Q}^T_R$ be the set of all reducibility candidates for the type T, and $\mathcal{I}_R$ be the
set of functions I from $\mathcal{B}$ to $2^{\mathcal{T}}$ such that, for all $B \in \mathcal{B}$, $I(B) \in \mathcal{Q}^B_R$. Given an
interpretation of base types $I \in \mathcal{I}_R$, we define an interpretation $\llbracket T \rrbracket^I_R \in \mathcal{Q}^T_R$ for
every type T as follows:

- WR = m, 



² simple in [19].



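One can check that $\mathrm{SN}^T$ is a reducibility candidate for T.

We now check that the interpretation of a type is a reducibility candidate.

Lemma 1. If $I \in \mathcal{I}_R$ then, for every type T, $\llbracket T \rrbracket^I_R \in \mathcal{Q}^T_R$.

Proof. We proceed by induction on T. The lemma is immediate for $T \in \mathcal{B}$.
Assume now that $\llbracket T \rrbracket^I_R \in \mathcal{Q}^T_R$ and $\llbracket U \rrbracket^I_R \in \mathcal{Q}^U_R$. We prove that $\llbracket T \Rightarrow U \rrbracket^I_R \in \mathcal{Q}^{T \Rightarrow U}_R$.

(1) $\llbracket T \Rightarrow U \rrbracket^I_R \subseteq \mathrm{SN}^{T \Rightarrow U}$ by definition.

(2) Let $v \in \llbracket T \Rightarrow U \rrbracket^I_R$, $v' \in \to(v)$ and $t \in \llbracket T \rrbracket^I_R$. We must prove that $v't \in \llbracket U \rrbracket^I_R$.
This follows from the facts that $\llbracket U \rrbracket^I_R \in \mathcal{Q}^U_R$, $vt \in \llbracket U \rrbracket^I_R$ and $v't \in \to(vt)$.

(3) Let $v^{T \Rightarrow U}$ be a neutral term such that $\to(v) \subseteq \llbracket T \Rightarrow U \rrbracket^I_R$ and $t \in \llbracket T \rrbracket^I_R$.
We must prove that $vt \in \llbracket U \rrbracket^I_R$. Since v is neutral, vt is neutral too. Since
$\llbracket U \rrbracket^I_R \in \mathcal{Q}^U_R$, it suffices to prove that $\to(vt) \subseteq \llbracket U \rrbracket^I_R$. Since $\llbracket T \rrbracket^I_R \in \mathcal{Q}^T_R$,
$t \in \mathrm{SN}$ and we can proceed by induction on t with $\to$ as well-founded
ordering. Let $w \in \to(vt)$. Since v is neutral, either $w = v't$ with $v' \in \to(v)$, or
$w = vt'$ with $t' \in \to(t)$. In the former case, $w \in \llbracket U \rrbracket^I_R$ since $v' \in \llbracket T \Rightarrow U \rrbracket^I_R$.
In the latter case, we conclude by induction hypothesis on t'. □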

Finally, we come to the definition of computability. 

Definition 2 (Computability). Let I be the base type interpretation such that
$I(B) = \mathrm{SN}^B$. A term $t : T$ is computable if $t \in \llbracket T \rrbracket^I_R$.

In the following, we drop the superscript I in $\llbracket T \rrbracket^I_R$.

We do not know how to prove that computability is stable by subterm before 
proving that every term is computable. However, since, on base types, com- 
putability is equivalent to strong normalization, the subterms of base type of a 
computable term are computable. This is in particular the case for the arguments 
of base type of a function symbol: 

Definition 3 (Accessibility). For all $f : T \Rightarrow B$, let $\mathrm{Acc}(f) = \{i \mid T_i \in \mathcal{B}\}$ be
the set of accessible arguments of f.

We now prove some properties of computable terms. 

Lemma 2 (Computability properties).

(C1) If t, u and $t_x^u$ are computable, then $(\lambda xt)u$ is computable.

(C2) If every symbol is computable, then every term is computable.

(C3) If ft is computable and $i \in \mathrm{Acc}(f)$, then $t_i$ is computable.

(C4) A term $ft : B$ is computable whenever t are computable and every
head-reduct of ft is computable.

(C5) A symbol $f : T \Rightarrow B$ is computable if every head-reduct of ft is computable
whenever $t : T$ are computable.

(C6) A symbol f is computable if, for every rule $fl \to r \in R$ and substitution
σ, rσ is computable whenever lσ are computable.



Proof. (C1) Since $(\lambda xt)u$ is neutral, it suffices to prove that every reduct is
computable. We proceed by induction on (t, u) with $\to_{prod}$ as well-founded
ordering (t and u are computable). Assume that $(\lambda xt)u \to v$. If $v = t_x^u$ then it is
computable by assumption. Otherwise, $v = (\lambda xt')u$ with $t \to t'$, or $v = (\lambda xt)u'$
with $u \to u'$. In both cases, we can conclude by induction hypothesis.

(C2) First note that the identity substitution is computable since variables are
computable (they are neutral and irreducible). We then prove that, for every
term t and computable substitution θ, tθ is computable, by induction on t.

- Assume that $t = f \in \mathcal{F}$. Then, tθ = f is computable by assumption.

- Assume that $t = x \in \mathcal{X}$. Then, tθ = xθ is computable by assumption.

- Assume that $t = \lambda xu$. Then, $t\theta = \lambda x\, u\theta$. Let $v : V$ be computable. We must
prove that $t\theta v$ is computable. By induction hypothesis, $u\theta_x^v$ is computable.
Since uθ and v are computable too, by (C1), tθ is computable.

- Assume that $t = u^{V \Rightarrow T} v$. Then, $t\theta = u\theta\, v\theta$. By induction hypothesis, uθ
and vθ are computable. Thus, tθ is computable.

(C3) By definition of the interpretation of base types.

(C4) By definition of the interpretation of base types, it suffices to prove that
every reduct of ft is computable. We prove it by induction on t with $\to_{prod}$
as well-founded ordering (t are computable). Head-reducts are computable
by assumption. For non-head-reducts, this follows by induction hypothesis.

(C5) By definition of the interpretation of arrow types and (C4).

(C6) After (C5), it suffices to prove that every head-reduct of ft is computable
whenever t are computable. Let t' be a head-reduct of ft. Then, there is
$l \to r \in R$ and σ such that t = lσ and t' = rσ. Thus, t' is computable. □

4 Computability closure 

After the properties (C2) and (C6), we are left to prove that, for every rule
$fl \to r \in R$, rσ is computable whenever lσ are computable. This naturally leads
us to find a set $\mathrm{CC}^f(l)$ of terms t such that tσ is computable whenever lσ are
computable: the computability closure of l wrt f.

We can include l and close this set with computability-preserving operations
like applying a term to another or taking the accessible argument of a function
call.

We can also include variables distinct from FV(l) and allow abstraction on
them by strengthening the property to prove as follows: for all $t \in \mathrm{CC}^f(l)$, tσ is
computable whenever lσ are computable and σ is computable on $\mathrm{FV}(t) \setminus \mathrm{FV}(l)$.

Now, to allow function calls, the idea is to introduce a precedence on function 
symbols and a well-founded ordering > on function arguments. 

So, we assume given a quasi-ordering $\ge_{\mathcal{F}}$ on $\mathcal{F}$ whose strict part
$>_{\mathcal{F}} \,=\, \ge_{\mathcal{F}} \setminus \le_{\mathcal{F}}$ is well-founded. Let $\simeq_{\mathcal{F}} \,=\, \ge_{\mathcal{F}} \cap \le_{\mathcal{F}}$ be its associated equivalence
relation.

We also assume that every symbol f is equipped with a status $\mathrm{stat}_f \in \{lex, mul\}$,
such that $\mathrm{stat}_f = \mathrm{stat}_g$ whenever $f \simeq_{\mathcal{F}} g$, defining how the
arguments of f must be compared: lexicographically (from left to right, or from right
to left) or by multiset.

Definition 4 (Status relation). The status relation associated to a relation
> is the relation $(f, t) >_{stat} (g, u)$ such that $f >_{\mathcal{F}} g$ or $f \simeq_{\mathcal{F}} g$ and $t >_{\mathrm{stat}_f} u$.
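
As an added illustration (not code from the paper), the following Python sketch implements the lexicographic and multiset extensions of Section 2 and the status relation of Definition 4, instantiated with the strict subterm ordering on first-order terms, and checks that the arguments of every recursive call in a rule's right-hand side decrease. It covers only this argument comparison, not the computability closure; the term encoding, the integer precedence, the function names and the two sample rules are assumptions made for the example.

```python
# Added example. A variable is a str; an application f(t1,...,tn) is the
# tuple ("f", t1, ..., tn). Only first-order terms are handled.

def strict_subterms(t):
    """Yield every strict subterm of t."""
    if isinstance(t, tuple):
        for arg in t[1:]:
            yield arg
            yield from strict_subterms(arg)

def gt_subterm(t, u):
    """Strict subterm ordering: t > u iff u is a strict subterm of t."""
    return any(s == u for s in strict_subterms(t))

def lex_ext(gt, ts, us):
    """Left-to-right lexicographic extension on sequences of equal length."""
    if len(ts) != len(us):
        return False
    for t, u in zip(ts, us):
        if t != u:
            return gt(t, u)   # first differing position decides
    return False

def mul_ext(gt, ts, us):
    """Multiset extension: after cancelling common elements, the left side
    is non-empty and dominates every remaining element of the right side."""
    rest_t, rest_u = list(ts), list(us)
    for t in ts:
        if t in rest_u:
            rest_t.remove(t)
            rest_u.remove(t)
    return bool(rest_t) and all(any(gt(t, u) for t in rest_t) for u in rest_u)

def gt_stat(gt, prec, status, f, ts, g, us):
    """Status relation of Definition 4: (f, ts) >stat (g, us).
    prec maps symbols to integers; equal integers mean equivalent symbols."""
    if prec[f] != prec[g]:
        return prec[f] > prec[g]
    ext = lex_ext if status[f] == "lex" else mul_ext
    return ext(gt, ts, us)

def calls(t):
    """Yield every application occurring in t, t included."""
    if isinstance(t, tuple):
        yield t
        for arg in t[1:]:
            yield from calls(arg)

def recursive_calls_decrease(lhs, rhs, prec, status):
    """True iff every call in rhs to a symbol not smaller than the head f of
    lhs is smaller than (f, arguments of lhs) in the status relation."""
    f, ls = lhs[0], lhs[1:]
    return all(
        gt_stat(gt_subterm, prec, status, f, ls, c[0], c[1:])
        for c in calls(rhs)
        if prec[c[0]] >= prec[f]
    )

# Constructed sample rules (not taken from the paper).
def S(t):
    return ("s", t)

PREC = {"0": 0, "s": 0, "ack": 1, "f": 1}
# ack(s x, s y) -> ack(x, ack(s x, y))
ACK_LHS = ("ack", S("x"), S("y"))
ACK_RHS = ("ack", "x", ("ack", S("x"), "y"))
# f(s x, y) -> f(y, x)
SWAP_LHS = ("f", S("x"), "y")
SWAP_RHS = ("f", "y", "x")

if __name__ == "__main__":
    for name, lhs, rhs in [("ack", ACK_LHS, ACK_RHS), ("f", SWAP_LHS, SWAP_RHS)]:
        for st in ("lex", "mul"):
            ok = recursive_calls_decrease(lhs, rhs, PREC, {name: st})
            print(name, st, ok)
```

The Ackermann-style rule is accepted only with lexicographic status, while the argument-swapping rule is accepted only with multiset status, which is why the status is attached to each symbol.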

Note that the status relation >stat is well-founded whenever > so is. 
We now formalize the notion of computability closure. 

Definition 5. A function CC mapping every $f^{T \Rightarrow U}$ and $l$ to a set of terms
$\mathrm{CC}^f(l)$ is a computability closure if, for all $f^{T \Rightarrow U}$, $l$, $r \in \mathrm{CC}^f(l)$ and θ, rθ is
computable whenever lθ are computable and θ is computable on $\mathcal{X} \setminus \mathrm{FV}(l)$.

We now check that the computability of symbols, hence the termination of
$\to_\beta \cup \to_R$ by (C2), can be obtained by using a computability closure.

Lemma 3. If CC is a computability closure and, for all rule $fl \to r \in R$,
$r \in \mathrm{CC}^f(l)$, then every symbol is computable.

Proof. It follows from (C6) and the fact that $\mathrm{FV}(r) \subseteq \mathrm{FV}(l)$. □



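Fig. 1. Higher-order computability closure

(arg) $l_i \in \mathrm{CC}^f_>(l)$

(decomp-symb) $\dfrac{gu \in \mathrm{CC}^f_>(l) \quad i \in \mathrm{Acc}(g)}{u_i \in \mathrm{CC}^f_>(l)}$

(prec) $\dfrac{f >_{\mathcal{F}} g}{g \in \mathrm{CC}^f_>(l)}$

(call) $\dfrac{f \simeq_{\mathcal{F}} g \quad u \in \mathrm{CC}^f_>(l) \quad l >_{\mathrm{stat}_f} u}{gu \in \mathrm{CC}^f_>(l)}$

(app) $\dfrac{u^{T \Rightarrow U} \in \mathrm{CC}^f_>(l) \quad v^T \in \mathrm{CC}^f_>(l)}{uv \in \mathrm{CC}^f_>(l)}$

(var) $\dfrac{x \notin \mathrm{FV}(l)}{x \in \mathrm{CC}^f_>(l)}$

(lam) $\dfrac{u \in \mathrm{CC}^f_>(l) \quad x \notin \mathrm{FV}(l)}{\lambda xu \in \mathrm{CC}^f_>(l)}$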



We now present a computability closure similar to the one introduced in
[8,9] except that the relation > used for comparing arguments in recursive calls is
replaced by an abstract family of relations $(>^l)_{l \in \mathcal{T}}$. We then prove the correctness
of this abstract computability closure under some condition.



Definition 6 (Closure-compatibility). A relation $\succ$ is closure-compatible
with a family of relations $(>^l)_{l \in \mathcal{T}}$ if, for all l and θ, $t\theta \succ u\theta$ whenever $t >^l u$,
tθ and uθ are computable, and θ is computable on $\mathcal{X} \setminus \mathrm{FV}(l)$.

Note that any relation > stable by substitution is closure-compatible with
itself (the constant family equal to >). This is in particular the case of the
restriction of the subterm ordering > defined by t > u if u is a subterm of t and
$\mathrm{FV}(u) \subseteq \mathrm{FV}(t)$.

Lemma 4. Let $> \,=\, (>^l)_{l \in \mathcal{T}}$ be a family of relations. The function $\mathrm{CC}_>$
defined in Figure 1 is a computability closure whenever there exists a well-founded
relation $\succ$ on computable terms that is closure-compatible with >.

Proof. We proceed by induction, first on (f, lθ) with $\succ_{stat}$ as well-founded
ordering (H1), and second, by induction on $\mathrm{CC}_>(l)$ (H2).

(arg) $l_i\theta$ is computable by assumption.

(decomp-symb) By (H2), guθ is computable. Thus, after (C3), $u_i\theta$ is
computable.

(prec) By (H1), g is computable.

(call) By (H2), uθ are computable. Since $l >_{\mathrm{stat}_f} u$, $\succ$ is closure-compatible
with >, lθ and uθ are computable, and θ is computable on $\mathcal{X} \setminus \mathrm{FV}(l)$, we have
$l\theta \succ_{\mathrm{stat}_f} u\theta$. Therefore, by (H1), guθ is computable.

(app) By (H2), uθ and vθ are computable. Thus, uθvθ is computable.

(var) Since $x \in \mathcal{X} \setminus \mathrm{FV}(l)$, xθ is computable by assumption.

(lam) Wlog we can assume that $x \notin \mathrm{codom}(\theta)$. Thus, $(\lambda xu)\theta = \lambda x\, u\theta$. Let $v : \tau_x$ be
computable. After (C1), $(\lambda x\, u\theta)v$ is computable if uθ, v and $u\theta_x^v$ are computable.
We have v computable by assumption and uθ and $u\theta_x^v$ computable by (H2).

□

5 β-normalized rewriting with matching modulo βη

In this section, we show how the notion of computability closure can be extended 
to deal with HRS's [S^. This extends our previous results on CRS's and HRS's 
[5]. This computability closure approach seems simpler than the technique of
"neutralization" introduced by Jean-Pierre Jouannaud and Albert Rubio in [21].
However, the comparison between both approaches remains to be done. 

In HRS's, rewrite rules are of base type, rule left-hand sides are patterns à la
Miller [37], and rewriting is defined on terms in β-normal η-long form as follows:
t u if there are p £ Pos(t), I ^ r E R and a in /3-normal 77-long form such 
that t\p = /cr J,/3Tr, and u = t[ra lf3'\rj]p. 

We are going to consider a slightly more general notion of rewriting:
β-normalized rewriting with matching modulo βη, defined as follows: $t \to_{R,\beta\eta} u$
if there are $p \in \mathrm{Pos}(t)$, $l \to r \in R$ and σ in β-normal form such that $t|_p$ is in
β-normal form, $t|_p =_{\beta\eta} l\sigma$ and $u = t[r\sigma]_p$. Furthermore, we do not assume that



rules are of base type. However, in this case, one can check that, on terms in 
/3-normal ?7-long form, =>i?, C ^^./j,,— 

Matching modulo βη is necessary when a rule left-hand side contains abstractions.
Consider for instance the left-hand side $l = D(\lambda x\, \sin(Fx))$. With matching
modulo α-conversion only, the term $t = D(\lambda x\, \sin u)$ matches l only if u is of the
form vx. In particular, $D(\lambda x\, \sin x)$ does not match l. Yet, if one substitutes F by
$\lambda xu$ in l, then one gets $D(\lambda x\, \sin((\lambda xu)x))$ which β-reduces to t.

Take now $l = D(\lambda x\, Fx)$. With matching modulo α-conversion only, the term
t = Du matches l only if u is of the form $\lambda xv$. In particular, (D sin) does not match
l. Yet, if one substitutes F by u in l, then one gets $D(\lambda x\, ux)$ which η-reduces to
t since $x \notin \mathrm{FV}(u)$ (by definition of higher-order substitution).

Higher-order patterns are terms in β-normal η-long form whose free variables
are applied to terms η-equivalent to distinct bound variables. Hence, if l is a
pattern, t and σ are in β-normal form and $l\sigma =_{\beta\eta} t$, then $l\sigma \to^*_{\beta_0} =_\eta t$, where
$\to_{\beta_0}$ is the restriction of $\to_\beta$ to redexes of the form $(\lambda xt)x$, that is, $(\lambda xt)x \to_{\beta_0} t$

m- 

Now, for proving the termination of $\to_\beta \cup \to_{R,\beta\eta}$ (hence the termination of
the HRS rewrite relation $\Rightarrow_R$), it suffices to adapt the notion of computability by
replacing $\to_R$ by $\to_{R,\beta\eta}$. One can check that all the proofs of the computability
properties are still valid except the one for (C6) for which we give a new proof:

Lemma 5 (C6). A symbol f is computable if, for every rule $fl \to r \in R$ and
substitution σ, rσ is computable whenever lσ are computable.

Proof. After (C5), for proving that $f : T \Rightarrow B$ is computable, it suffices to prove
that every head-reduct of ft is computable whenever $t : T$ are computable. Let
t' be a head-reduct of ft. Then, ft is in β-normal form and there are $fl \to r \in R$
and σ such that $fl\sigma \to^*_{\beta_0} =_\eta ft$ and t' = rσ. To conclude, it suffices to check
that lσ are computable.

To this end, we prove that computability is preserved by η-reduction,
η-expansion and β₀-expansion. Let t be a computable term and let u be a term
obtained from t by η-reduction, η-expansion or β₀-expansion. We prove that u is
computable when u is of base type. If u is not of base type then, by applying it
to computable terms of appropriate types, we get a term of base type. On base
types, computability is equivalent to strong normalization. Thus, it suffices to
prove that every reduct of u is strongly normalizable. In each case, we proceed
by induction on t with $\to$ as well-founded ordering (t is computable).

- β₀-expansion: $t \leftarrow_{\beta_0} u$. If $u \to_\beta u'$ then either u' = t is computable or,
by confluence of β and since β₀ makes no duplication, there is t' such that
$t \to_\beta t' \leftarrow_{\beta_0} u'$. Now, if $u \to_R u'$ then, since R-redexes are in β-normal form,
the β₀-redex is either above the R-redex or at a disjoint position. Thus, there
is t' such that $t \to_R t' \leftarrow_{\beta_0} u'$. In both cases, we can conclude by induction
hypothesis.

- 77-reduction: t -^ri u. If u u' then, by postponement of 77 wrt /? (— C 
^^^*), there is t' such that t t' ^* u' . Now, if u ^r v! then, since 
i?-redexes are in /3-normal form, either the ?7-redex is a /3-redex and i -^p 



u t' ~ u', or there is t' such that t — >fl t' u' . In both cases, we can 
conclude by induction hypothesis. 
- 77-expansion: t u. If u -^13 u' then either u' = i is computable or, by 
confluence of firj, there is t' such that t t' ^* u' . Now, if u v! then, 
since i?-redexes are in /3-normal form, there is t' such that i —^r t' <— * u' . In 
both cases, we can conclude by induction hypothesis. □ 

By property (C[2]) and Lemma [H it follows that = -^p U -^R.pn is well- 
founded if, for all rule fl-^reR,re CC>(Z). 



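Fig. 2. Decomposition rules for higher-order patterns

(decomp-lam) $\dfrac{\lambda yu \in \mathrm{CC}^f_>(l) \quad y \notin \mathrm{FV}(l)}{u \in \mathrm{CC}^f_>(l)}$

(decomp-app-left) $\dfrac{uy \in \mathrm{CC}^f_>(l) \quad y \notin \mathrm{FV}(l) \cup \mathrm{FV}(u)}{u \in \mathrm{CC}^f_>(l)}$

Now, for dealing with patterns à la Miller, we also need to add new
decomposition rules in the computability closure.

Lemma 6. The function $\mathrm{CC}_>$ defined by the rules of Figures 1 and 2 is a
computability closure whenever there exists a well-founded relation on computable
terms that is closure-compatible with >.

Proof. We extend the proof of Lemma [4] with the new decomposition rules.

(decomp-lam) Let θ' be the restriction of θ to $\mathrm{dom}(\theta) \setminus \{y\}$. Wlog, we can
assume that $y \notin \mathrm{codom}(\theta)$. Hence, $(\lambda yu)\theta' = \lambda y\, u\theta'$. Now, since
$\mathrm{dom}(\theta) \subseteq \mathrm{FV}(u) \setminus \mathrm{FV}(l)$, $\mathrm{dom}(\theta') \subseteq \mathrm{FV}(\lambda yu) \setminus \mathrm{FV}(l)$. Thus, by (H2), $\lambda y\, u\theta'$ is computable.
Since yθ is computable, $(\lambda y\, u\theta')y\theta$ is computable. Thus, by β-reduction, $u\theta'^{\,y\theta}_{\,y}$
is computable too. Finally, since $y \notin \mathrm{dom}(\theta') \cup \mathrm{codom}(\theta')$, $u\theta'^{\,y\theta}_{\,y} = u\theta$.

(decomp-app-left) Let $v : \tau_y$ be computable. Since $\mathrm{dom}(\theta) \subseteq \mathrm{FV}(u) \setminus \mathrm{FV}(l)$ and
$y \notin \mathrm{FV}(l)$, $\mathrm{dom}(\theta_y^v) = \mathrm{dom}(\theta) \cup \{y\} \subseteq \mathrm{FV}(uy) \setminus \mathrm{FV}(l)$. Thus, by (H2),
$(uy)\theta_y^v = u\theta_y^v\, v$ is computable. Since $y \notin \mathrm{FV}(u)$, $u\theta_y^v = u\theta$. Thus, uθ is computable. □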



6 Matching modulo some equational theory 

In this section, we show how the notion of computability closure can be used for
proving the termination of the combination of β-reduction and rewriting with
matching modulo some equational theory E [48,21].

To this end, we assume that E is a symmetric set of rules, that is, $l \to r \in E$
iff $r \to l \in E$. By definition of rewrite rules (see Section 2), this implies that, for
all $l \to r \in E$, r is of the form gr and FV(l) = FV(r). This includes associativity
and commutativity but excludes collapsing rules like $x + 0 \to x$ and erasing rules
like $x \times 0 \to 0$.

Then, rewriting with matching modulo E can be defined as follows: $t \to_{R,E} u$ if
there are $p \in \mathrm{Pos}(t)$, $l \to r \in R$ and σ such that $t|_p \to^*_E l\sigma$ and $u = t[r\sigma]_p$.

Rewriting with matching modulo E is different from rewriting modulo E
which is $\to^*_E \to_R$. The point is that, with matching modulo E, no E-step takes
place above $t|_p$ when one rewrites a term t at some position $p \in \mathrm{Pos}(t)$.

Hence, we correct an error in 0] (Theorem 6) where it is claimed that U 
* is terminating. What is in fact proved in p] is the termination of U 
—^*E^^B.i ^^R^,E^ where Ei and Ri (resp. E^^ and Ruj) are the first-order (resp. 
higher-order) parts of E and R respectively. 

For proving the termination of $\to_\beta \cup \to_{R,E}$, it suffices to adapt computability
by replacing $\to_R$ by $\to_{R,E}$. One can check that all the proofs of computability
properties are still valid except the one for (C6) for which we give a new proof:

Lemma 7 (C6). Let E be a symmetric set of rules. Assume that $\succ$ is a
well-founded relation on computable terms closure-compatible with > and that, for
all rule $fl \to gr \in E$, $r \in \mathrm{CC}_>(l)$. Then, f is computable if, for every rule
$fl \to r \in R$ and substitution σ, rσ is computable whenever lσ are computable.

Proof. By Lemma [H CC> is a computability closure. After (CEl), for proving 
that / : T B is computable, it suffices to prove that every head-reduct of ft 
is computable whenever t : T are computable. Let t' be a head-reduct of ft. 
Then, there is gl r E R and a such that ft*gla and t' = ra. By definition of 
computability closure, la are computable since t are computable (induction on 
the number of i?-steps). Therefore, ra is computable. □ 

By property (Cl2]) and Lemma IH it follows that — > = U ^r^e is well- 
founded if moreover, for all rule fl^reR,re CC((Z). 

7 Higher-order data types 

Until now, we used the subterm ordering in (call). But this ordering is not strong
enough to handle recursive definitions on higher-order data types, i.e. data types
with constructors having functional recursive arguments. Consider for instance
a type P representing processes with a sequence operator $; : P \Rightarrow P \Rightarrow P$ and
a data-dependent choice operator $\Sigma : (D \Rightarrow P) \Rightarrow P$. Then, in the following
simplification rule [45]:

the term Py is not a subterm of ΣP.

In this section, we describe an extension of the computability closure to 
handle such definitions. It is based on the interpretation of "positive"
higher-order data types introduced by Nax Paul Mendler in 1987 [34,35].



As usual, the set Pos(T) of positions in a type T is defined as words on {1, 2}.
The sets $\mathrm{Pos}^+(T)$ and $\mathrm{Pos}^-(T)$ of positive and negative positions respectively are
inductively defined as follows:

- $\mathrm{Pos}^+(B) = \{\varepsilon\}$.

- $\mathrm{Pos}^\delta(T \Rightarrow U) = 1 \cdot \mathrm{Pos}^{-\delta}(T) \cup 2 \cdot \mathrm{Pos}^\delta(U)$.

Let Pos(B, T) be the positions of the occurrences of B in T. A base type B
occurs only positively (resp. negatively) in a type T if $\mathrm{Pos}(B, T) \subseteq \mathrm{Pos}^+(T)$ (resp.
$\mathrm{Pos}(B, T) \subseteq \mathrm{Pos}^-(T)$).

Nax Paul Mendler showed that the combination of β-reduction and reduction
rules for a "case" or "match" construction does not terminate if a data type B has
a constructor having an argument in the type of which B occurs negatively (we
say that B is not positive). Take for instance $c : (B \Rightarrow N) \Rightarrow B$, $f : B \Rightarrow (B \Rightarrow N)$
together with the rule $f(cx) \to x$. Then, by taking $\omega = \lambda x\, fxx : B \Rightarrow N$, we have
$\omega(c\omega) \to_\beta f(c\omega)(c\omega) \to_R \omega(c\omega) \to_\beta \ldots$

He also showed that the set of all reducibility candidates is a complete lattice 
for inclusion and that, if B is positive, then one can build an interpretation of 
B as the fixpoint of a monotone functional on reducibility candidates, in which 
the reduction rules for the case construction are safe. In this case, we can say 
that every argument of a constructor is accessible. We extend this notion of 
accessibility to every (defined or undefined) function symbol as follows. 

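Definition 7 (Accessible arguments). For every $f^{T \Rightarrow B} \in \mathcal{F}$, let
$\mathrm{Acc}(f) = \{i \le |T| \mid \mathrm{Pos}(B, T_i) \subseteq \mathrm{Pos}^+(T_i)\}$.

In our example, we have $\mathrm{Pos}(P, D \Rightarrow P) = \{2\} = \mathrm{Pos}^+(D \Rightarrow P)$ and
$\mathrm{Pos}(P, P) = \{\varepsilon\} = \mathrm{Pos}^+(P)$. Thus, Acc(Σ) = {1} and Acc(;) = {1, 2}.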
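
The positivity check behind Definition 7 can be run mechanically. The following Python sketch is an added example, not code from the paper: it computes the positive positions of a simple type, the occurrences Pos(B, T) and the set Acc(f), and replays both the process example and Mendler's non-positive constructor c. The type syntax accepted by `parse`, the symbol names `Sigma` and `seq`, and the helper `is_positive` are assumptions of the example; the base case Pos⁻(B) = ∅ is the standard convention.

```python
import re
from dataclasses import dataclass
from typing import Union

@dataclass(frozen=True)
class Base:
    name: str

@dataclass(frozen=True)
class Arrow:
    dom: "Type"
    cod: "Type"

Type = Union[Base, Arrow]

def parse(src):
    """Parse a simple type such as '(D => P) => P' ('=>' associates right)."""
    tokens = re.findall(r"=>|[()]|\w+", src)
    pos = 0

    def atom():
        nonlocal pos
        if pos >= len(tokens):
            raise ValueError("unexpected end of type")
        tok = tokens[pos]
        pos += 1
        if tok == "(":
            ty = arrow()
            if pos >= len(tokens) or tokens[pos] != ")":
                raise ValueError("expected ')'")
            pos += 1
            return ty
        if tok in (")", "=>"):
            raise ValueError("unexpected token " + tok)
        return Base(tok)

    def arrow():
        nonlocal pos
        left = atom()
        if pos < len(tokens) and tokens[pos] == "=>":
            pos += 1
            return Arrow(left, arrow())
        return left

    ty = arrow()
    if pos != len(tokens):
        raise ValueError("trailing input")
    return ty

def signed_positions(ty, sign):
    """Pos^sign(ty) as words over {1, 2}; '' stands for the empty word."""
    if isinstance(ty, Base):
        return {""} if sign > 0 else set()      # Pos^-(B) is empty
    return ({"1" + p for p in signed_positions(ty.dom, -sign)}
            | {"2" + p for p in signed_positions(ty.cod, sign)})

def occurrences(base, ty):
    """Pos(base, ty): positions at which the base type occurs in ty."""
    if isinstance(ty, Base):
        return {""} if ty == base else set()
    return ({"1" + p for p in occurrences(base, ty.dom)}
            | {"2" + p for p in occurrences(base, ty.cod)})

def uncurry(ty):
    """Split T1 => ... => Tn => B into ([T1, ..., Tn], B)."""
    args = []
    while isinstance(ty, Arrow):
        args.append(ty.dom)
        ty = ty.cod
    return args, ty

def accessible(ty):
    """Acc(f) for a symbol f of type ty (argument indices start at 1)."""
    args, target = uncurry(ty)
    return {i for i, arg in enumerate(args, 1)
            if occurrences(target, arg) <= signed_positions(arg, +1)}

def is_positive(constructor_types):
    """True iff every argument of every constructor is accessible."""
    return all(accessible(ty) == set(range(1, len(uncurry(ty)[0]) + 1))
               for ty in constructor_types)

# Signature taken from the running examples of this section.
SIGNATURE = {
    "Sigma": parse("(D => P) => P"),
    "seq": parse("P => P => P"),
    "c": parse("(B => N) => B"),
}

if __name__ == "__main__":
    for name, ty in SIGNATURE.items():
        print(name, sorted(accessible(ty)))
```

The empty result for c reflects that B occurs at position 1 of B ⇒ N, which is a negative position, so the argument of c is not accessible.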

We now define the functional the least fixpoint of which will provide the 
interpretation of base types. 

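Lemma 8. The function $F^I_R(B) = \{t \in \mathrm{SN}^B \mid \forall f^{T \Rightarrow B}\, t,\ t \to^* ft \Rightarrow \forall i \in \mathrm{Acc}(f),\ t_i \in \llbracket T_i \rrbracket^I_R\}$
is a monotone function on $\mathcal{I}_R$.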

Proof We first prove that P = F^{B) e Q% 

(1) P C SN^ by definition. 

(2) Let tGP,t'€ ^{t), / : T =^ B and t such that t' ^* ft. We must prove 
that * e |T]_R. It follows from the facts that t G P and t ^* ft. 

(3) Let t'^ neutral such that -^{t) C P. Let * such that t ft and 
i G Acc(/). We must prove that ti G {TijR. Since t is neutral, t ^ ft. Thus, 
there is t' G -^{t) such that t' ->* ft. Since t' GP,tiG IT^r. 

For the monotony, let <+ = < and <^ = >. Let / < J iff, for all B, 
/(B) C J(B). We first prove that |Tl|j iTjj^ whenever / < J and Pos(B, T) C 

Pos''(r), by induction on T. 

- Assume that T = C G B. Then, S = +, fT]^ = J(C) and [T]^ = J(C). Since 
7(C) C J(C), IT]^ C [Tli 



- Assume that T = U ^ V. Then, Pos(B, JJ) C Pos^^U) and Pos(B, C 
Pos''(F). Thus, by induction hypothesis, |C/]^ C--^ |[/]^ and iVjjj [^1^. 
Assume that 5 = +. Let t e l?"]^ and u £ lUfjj. We must prove that 
tu e Since [Uji D [C/]^, tu G iVji,. Since l^l^j, C fVji, tu G 1^1^. 
It works similarly for 5 — 

Assume now that I < J. We must prove that, for all B, -Fr(B) C F^{B). 
Let B G S and t G Fi{B). We must prove that t G Fj^{B). First, we have 
t G SN^ since t G ^^(6). Assume now that t ^* f'^^^t and let i G Acc(/). 
We must prove that U e Since t G i^A(B), G |Ti]^. Since i G Acc(/), 

Pos(B, T,) C Pos+(T,) and {T^fji C |T,1^. □ 

Definition 8 (Computability). Let $I_R$ be the least fixpoint of $F_R$. A term $t : T$ is computable if $t \in [\![T]\!]_R^{I_R}$.

In the following, we drop the superscript $I_R$ in $[\![T]\!]_R^{I_R}$.

One can check that all the proofs of computability properties are still valid 
except the one for (CSl) for which we give a new proof: 

Lemma 9 (C4). A term $f\vec t : B$ is computable whenever $\vec t$ are computable and every head-reduct of $f\vec t$ is computable.

Proof. We first need to prove that $f\vec t$ is SN. This follows from the previous proof of (CH]). Assume now that $f\vec t \to^* g\vec u$ and $i \in \mathrm{Acc}(g)$. We prove that $u_i$ is computable by induction on $\vec t$ with $\to_{\mathrm{prod}}$ as well-founded ordering ($\vec t$ are computable). If $f\vec t = g\vec u$, then $u_i = t_i$ is computable by assumption. Otherwise, $f\vec t \to v \to^* g\vec u$. If $v$ is a head-reduct of $f\vec t$, then $v$ and $u_i$ are computable. Otherwise, we conclude by induction hypothesis. □

The least fixpoint of $F_R$ is reachable by transfinite iteration from the smallest element of $\mathcal{I}_R$. This provides us with an ordering that can handle definitions on higher-order data types.

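Definition 9 (Size ordering). For all $B \in \mathcal{B}$ and $t \in [\![B]\!]_R$, let the size of $t$ be the smallest ordinal $o_R^B(t) = \alpha$ such that $t \in F_R^\alpha(\emptyset)(B)$, where $F_R^\alpha$ is the transfinite $\alpha$-iteration of $F_R$. Let $\succeq_R$ be the union of all the relations $\succeq_R^T$ inductively defined on $[\![T]\!]_R$ as follows:

- $t \succeq_R^B u$ if $o_R^B(t) \ge o_R^B(u)$.

- $t \succeq_R^{T \Rightarrow U} u$ if, for all $v \in [\![T]\!]_R$, $tv \succeq_R uv$.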

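In our example, we have $[\![P]\!]_R = \{t \in \mathrm{SN} \mid \forall f^{\vec T \Rightarrow P}\,\vec t,\ t \to^* f\vec t \Rightarrow \forall i \in \mathrm{Acc}(f),\ t_i \in [\![T_i]\!]_R\}$. Since $\mathrm{Acc}(\Sigma) = \{1\}$, if $\Sigma P \in [\![P]\!]_R$ then, for all $d \in [\![D]\!]_R$, $Pd \in [\![P]\!]_R$ and $o_R^P(Pd) < o_R^P(\Sigma P)$.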

We immediately check that the size ordering is well-founded. 



Lemma 10. $\succeq_R$ is a well-founded quasi-ordering containing



Proof. The relation $\succeq_R$ is the union of pairwise disjoint relations. Hence, it suffices to prove that each one is transitive and well-founded. We proceed by induction on $T$. For $T \in \mathcal{B}$, this is immediate. Assume now that $(t_i)_{i \in \mathbb{N}}$ is an increasing sequence for $\succeq_R^{T \Rightarrow U}$. Since variables are computable, let $x \in [\![T]\!]_R$. By definition of $\succeq_R^{T \Rightarrow U}$, $(t_i x)_{i \in \mathbb{N}}$ is an increasing sequence for $\succeq_R^U$. □



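Fig. 3. Accessibility ordering

(>base) $\dfrac{i \in \mathrm{Acc}(g) \qquad \vec b \in \mathcal{X} \setminus \mathrm{FV}(l)}{g\vec a >^l a_i\vec b}$

(>lam) $\dfrac{a >^l bx \qquad x \in \mathcal{X} \setminus (\mathrm{FV}(b) \cup \mathrm{FV}(l))}{\lambda x a >^l b}$

(>red) $\dfrac{a >^l b \qquad b \to_\beta c}{a >^l c}$

(>trans) $\dfrac{a >^l b \qquad b >^l c}{a >^l c}$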



We now define some relation strong enough for capturing definitions on higher-order data types and with which $\succeq_R$ is closure-compatible.

Lemma 11. $\succeq_R$ is closure-compatible with the family $(>^l)_{l \in \mathcal{T}}$ defined in Figure 3.

Proof. We prove that $a\theta \succeq_R b\theta$ whenever $a >^l b$, $a\theta$ and $b\theta$ are computable, and $\theta$ is computable on $\mathcal{X} \setminus \mathrm{FV}(l)$.

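(>base) By definition of $I_R$, $o_R^B(g\vec a\theta) = \alpha + 1$ and $a_i\theta \in [\![\vec B \Rightarrow B]\!]_R^{F_R^\alpha(\emptyset)}$. Since $\vec b \in \mathcal{X} \setminus \mathrm{FV}(l)$ and $\theta$ is computable on $\mathcal{X} \setminus \mathrm{FV}(l)$, $\vec b\theta$ are computable. Therefore, $a_i\theta\,\vec b\theta \in F_R^\alpha(\emptyset)(B)$ and $o_R^B(g\vec a\theta) > \alpha \ge o_R^B(a_i\theta\,\vec b\theta)$.

(>lam) Let w : computable. Wlog we can assume that $x \notin \mathrm{dom}(\theta) \cup \mathrm{codom}(\theta)$. Hence, $(\lambda x a)\theta = \lambda x\,a\theta$. We must prove that $(\lambda x\,a\theta)w \succeq_R b\theta w$. By $\beta$-reduction, $(\lambda x\,a\theta)w \succeq_R a\theta_x^w$. By induction hypothesis, $a\theta_x^w \succeq_R (bx)\theta_x^w$. Since $x \notin \mathrm{FV}(b) \cup \mathrm{dom}(\theta) \cup \mathrm{codom}(\theta)$, $(bx)\theta_x^w = b\theta w$.

(>red) By induction hypothesis and since ${\to_\beta} \subseteq {\succeq_R}$.

(>trans) By induction hypothesis and transitivity of $\succeq_R$. □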

By property (CEl) and Lemma [H it follows that ${\to} = {\to_\beta} \cup {\to_R}$ is well-founded if, for all rule $f\vec l \to r \in R$, $r \in CC_>(\vec l)$.

Note that we could strengthen the definition of $(>^l)_{l \in \mathcal{T}}$ by taking in (>base), when $l = f\vec l$, $\vec b \in CC_>(\vec l)$ instead of $\vec b \in \mathcal{X} \setminus \mathrm{FV}(l)$, making the definitions of $>$ and $CC_>$ mutually dependent. See ^Ij for details.



8 The recursive computability ordering 



We now show how the computability closure can be turned into a well-founded ordering containing the monomorphic version of Jean-Pierre Jouannaud and Albert Rubio's higher-order recursive path ordering [25].

Indeed, consider the relation $CR(>) = \{(f\vec l, r) \mid r \in CC_>(\vec l),\ \mathrm{FV}(r) \subseteq \mathrm{FV}(\vec l),\ \tau(f\vec l) = \tau(r)\}$ made of all the rules whose right-hand side is in the computability closure of its left-hand side. After (CE]) and Lemma [H ${\to_\beta} \cup {\to_{CR(>)}}$ is well-founded whenever $>$ is well-founded and stable by substitution. Hence, $CR(>)$ is itself well-founded and stable by substitution whenever $>$ is well-founded and stable by substitution.

We now observe that the function mapping $>$ to $CR(>)$ is monotone wrt inclusion. It has therefore a least fixpoint that is stable by substitution and whose closure by context is well-founded when combined with $\to_\beta$.

Lemma 12. The function mapping $>$ to the relation $CR(>) = \{(f\vec l, r) \mid r \in CC_>(\vec l),\ \mathrm{FV}(r) \subseteq \mathrm{FV}(\vec l),\ \tau(f\vec l) = \tau(r)\}$ is monotone wrt inclusion on the set of well-founded relations stable by substitution.

Proof. Assume that ${>_1} \subseteq {>_2}$. One can prove by induction on $(f\vec l, r) \in CR(>_1)$ that $(f\vec l, r) \in CR(>_2)$. In the (call) case, we use the fact that the function mapping $>$ to $>_{\mathrm{stat}}$ is monotone wrt inclusion.

Now, assume that $>$ is well-founded and stable by substitution. After (C[2|) and Lemma [21 ${\to_\beta} \cup {\to_{CR(>)}}$ is well-founded. Thus, $CR(>)$ is well-founded. Now, one can check that $CR(>)$ is stable by substitution whenever $>$ is stable by substitution. □

Definition 10. Let the weak higher-order recursive computability (quasi-) ordering $>_{\mathrm{whorco}}$ be the least fixpoint of $CR$, and the higher-order recursive computability (quasi-) ordering $>_{\mathrm{horco}}$ be the closure by context of $>_{\mathrm{whorco}}$.

In Figure 4 we give an inductive presentation of $>_{\mathrm{horco}}$ obtained by replacing $u \in CC_>(\vec l)$ by $f\vec l > u$ in Figure 1 and adding a rule (cont) for the closure by context and a rule (rule) for the conditions on rules.

Strictly speaking, >horco, like >horpo, is not a quasi-ordering. One needs to 
take its transitive closure to get a quasi-ordering. On the other hand, one can 
check that >whorco is transitive, hence is a true quasi-ordering (note that, if 
t >whorco u, then t is of the form ft). 

Moreover, since >whorco is not closed by context, it is better suited for proving 
the termination of rewrite systems by using the dependency pair method [114213) . 

We now would like to compare this ordering with the monomorphic version of $>_{\mathrm{horpo}}$ whose definition is recalled in Figure 5. To this end, we need to slightly
strengthen the definition of computability closure by replacing > by its closure 
by context ^>, and by adding the following deduction rule: 



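Fig. 4. Higher-order computability ordering

(cont) $\dfrac{t >_{\mathrm{whorco}} u \qquad p \in \mathrm{Pos}(C)}{C[t]_p >_{\mathrm{horco}} C[u]_p}$

(rule) $\dfrac{t^T > u^U \qquad \mathrm{FV}(u) \subseteq \mathrm{FV}(t) \qquad T = U}{t >_{\mathrm{whorco}} u}$

(arg) $f\vec l > l_i$

(decomp-symb) $\dfrac{f\vec l > g\vec u \qquad i \in \mathrm{Acc}(g)}{f\vec l > u_i}$

(prec) $\dfrac{f >_{\mathcal{F}} g}{f\vec l > g}$

(call) $\dfrac{f \simeq_{\mathcal{F}} g^{\vec U \Rightarrow U} \qquad f\vec l > \vec u \qquad \vec l\,(>_{\mathrm{whorco}})_{\mathrm{stat}_f}\,\vec u}{f\vec l > g\vec u}$

(app) $\dfrac{f\vec l > u^{T \Rightarrow U} \qquad f\vec l > v^T}{f\vec l > uv}$

(var) $\dfrac{x \notin \mathrm{FV}(\vec l)}{f\vec l > x}$

(lam) $\dfrac{f\vec l > u \qquad x \notin \mathrm{FV}(\vec l)}{f\vec l > \lambda x u}$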


One can check that all the properties are preserved. More details can be found 
in [7]. Hence, we get the following additional deduction rules for >whorco: 



(call) 



(red) 



fl > gu 

fl>U U >ho 

fl>v 



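We now prove that $>_{\mathrm{horpo}}$ is included in the transitive closure of $>_{\mathrm{horco}}$.

Lemma 13. ${>_{\mathrm{horpo}}} \subseteq {>_{\mathrm{horco}}^+}$.

Proof. Note that $\mathrm{FV}(u) \subseteq \mathrm{FV}(t)$ and $T = U$ whenever $t^T >_{\mathrm{horpo}} u^U$ ($>_{\mathrm{horpo}}$ is a set of rules).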

We first prove the property (*): ft>v whenever tj >horco ^ >horco 
Assume that tj >horco (^^s)' /* > ^j- Thus, by (red), ft > v. Assume now 

that ft >horco u >hoi.co V. By (red), it suffices to prove that ft > u. There are 
two cases: 

- $f\vec t = f\vec a\,t_k\,\vec b$, $u = f\vec a\,t'_k\,\vec b$ and $t_k >_{\mathrm{horco}} t'_k$. We conclude by (call).



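Fig. 5. HORPO [25]

$P(f, \vec t, \vec u) = \forall i,\ f\vec t >_{\mathrm{horpo}} u_i \vee (\exists j)\ t_j \ge_{\mathrm{horpo}} u_i$

(1) $\dfrac{t_i \ge_{\mathrm{horpo}} u}{f\vec t >_{\mathrm{horpo}} u}$

(2) $\dfrac{f >_{\mathcal{F}} g \qquad P(f, \vec t, \vec u)}{f\vec t >_{\mathrm{horpo}} g\vec u}$

(3) $\dfrac{f \simeq_{\mathcal{F}} g \qquad \mathrm{stat}_f = \mathrm{mul} \qquad \vec t\,(>_{\mathrm{horpo}})_{\mathrm{stat}_f}\,\vec u}{f\vec t >_{\mathrm{horpo}} g\vec u}$

(4) $\dfrac{f \simeq_{\mathcal{F}} g \qquad \mathrm{stat}_f = \mathrm{lex} \qquad \vec t\,(>_{\mathrm{horpo}})_{\mathrm{stat}_f}\,\vec u \qquad P(f, \vec t, \vec u)}{f\vec t >_{\mathrm{horpo}} g\vec u}$

(5) $\dfrac{P(f, \vec t, \vec u)}{f\vec t >_{\mathrm{horpo}} \vec u}$

(6) $\dfrac{\{t_1, t_2\}\,(>_{\mathrm{horpo}})_{\mathrm{mul}}\,\{u_1, u_2\}}{t_1 t_2 >_{\mathrm{horpo}} u_1 u_2}$

(7) $\dfrac{t >_{\mathrm{horpo}} u}{\lambda x t >_{\mathrm{horpo}} \lambda x u}$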



- $f\vec t = f\vec l\,\vec b$, $u = r\vec b$ and $f\vec l >_{\mathrm{whorco}} r$. One can check that $f\vec l\,\vec t > r\vec t$ whenever $f\vec l > r$.

We now prove the theorem by induction on $>_{\mathrm{horpo}}$.

(1) By induction hypothesis, U >y^^^.^^ u. By (arg), ft > U. Since U >horpo u 
and ft >horpo u, ft ti is a rule. Thus, ft >whorco U and, by (red), 

ft ^whorco 

(2) By induction hypothesis, for all i, ft >i[oi.co or tj >hoi.co Hence, by 
(*), ft > u. By (prec), ft > g. Thus, by (app), ft > gu. Since ft gu is 
a rule, ft >wiiorco gu. 

(3) By induction hypothesis, t (>hoi.co)mui Hence, by (*), ft > u. Thus, by 
(call), ft > gu. Since ft gu is a rule, ft >„horco gu. 

(4) By induction hypothesis, * (>^orco)statj u and, for all i, ft >i^^^^ Ui or 
*i >horco Hence, by (*), /* > u. Thus, by (call), ft > gu. Since /* gu 
is a rule, /* >whorco gu. 

(5) By induction hypothesis, for all i, ft >horco >horco Hence, by 
(*), ft > Ui for all i. Thus, by (app), /t > u. Since {ft,u) is a rule, 

^whoico 

(6) For typing reasons, (ti,ul) (>horpo)prod (i2,U2)- Thus, by induction hy- 
pothesis, {ti,ui) (>horco)prod {h,U2). Heuce, by (cont) and transitivity, 

*1^2 >ilorco "1"2- 



(7) By induction hypothesis, t >^^^.^^ u. Thus, by (cont), xt >^^^^^q xu. □ 

We observe that, if (6) were restricted to $(t_1 >_{\mathrm{horpo}} u_1 \wedge t_2 = u_2) \vee (t_1 = u_1 \wedge t_2 >_{\mathrm{horpo}} u_2)$, then we would get ${>_{\mathrm{horpo}}} \subseteq {>_{\mathrm{horco}}}$, since this is the only case requiring transitivity.

Note that $>_{\mathrm{horco}}$ can be extended with the accessibility ordering defined in Figure 3. The details can be found in [7].

Finally, we remark that, when restricted to first-order terms, the recursive computability ordering is equal to the usual first-order recursive path ordering [41,14], the subterm rule being simulated by (arg) and (red).

Lemma 14. The relation defined in Figure 4 by the rules (arg), (decomp-symb), (call) and the rule:

(prec-app) 

fl > gu 

is equal to the usual first-order recursive path ordering.
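For reference, the usual first-order recursive path ordering that the remark above and Lemma 14 refer to can be written as a short decision procedure. This Python sketch is an added example, not the paper's rule system: it follows the textbook definition (subterm case, precedence case, same-symbol case with lexicographic or multiset status), represents the precedence by integer ranks, treats only identical symbols as equivalent, and uses a constructed sample rewrite system.

```python
# Textbook first-order RPO with status.
# A variable is a str; f(t1, ..., tn) is the tuple ("f", t1, ..., tn).
def lex_gt(ss, ts, gt):
    """Lexicographic extension of gt to argument tuples of equal length."""
    for a, b in zip(ss, ts):
        if a != b:
            return gt(a, b)
    return False

def mul_gt(ss, ts, gt):
    """Multiset extension of gt: cancel common elements, then dominate the rest."""
    ss, ts = list(ss), list(ts)
    for a in list(ss):
        if a in ts:
            ss.remove(a)
            ts.remove(a)
    return bool(ss) and all(any(gt(a, b) for a in ss) for b in ts)

def rpo_gt(s, t, prec, status):
    """s > t in RPO; prec maps symbols to ranks, status to "lex" or "mul"."""
    if isinstance(s, str):                      # a variable is never greater
        return False
    gt = lambda a, b: rpo_gt(a, b, prec, status)
    f, ss = s[0], s[1:]
    if any(si == t or gt(si, t) for si in ss):  # subterm case
        return True
    if isinstance(t, str):
        return False
    g, ts = t[0], t[1:]
    if prec[f] > prec[g]:                       # precedence case
        return all(gt(s, tj) for tj in ts)
    if f == g:                                  # same head symbol: use its status
        ext = lex_gt if status[f] == "lex" else mul_gt
        return ext(ss, ts, gt) and all(gt(s, tj) for tj in ts)
    return False

def orients(rules, prec, status):
    """True if every rule l -> r satisfies l > r."""
    return all(rpo_gt(l, r, prec, status) for l, r in rules)

Z = ("0",)
S = lambda t: ("s", t)
RULES = [  # constructed sample: addition, multiplication, Ackermann
    (("add", Z, "y"), "y"),
    (("add", S("x"), "y"), S(("add", "x", "y"))),
    (("mul", S("x"), "y"), ("add", "y", ("mul", "x", "y"))),
    (("ack", S("x"), S("y")), ("ack", "x", ("ack", S("x"), "y"))),
]
PREC = {"0": 0, "s": 1, "add": 2, "mul": 3, "ack": 4}
LEX = {f: "lex" for f in PREC}
```

With lexicographic status every sample rule is oriented, so the system terminates; giving `ack` multiset status makes the Ackermann rule fail, which shows why the status of a symbol matters in the same-symbol case.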



9 Conclusion 



We show through various extensions how powerful is the notion of computability closure introduced by Jean-Pierre Jouannaud and Mitsuhiro Okada. In particular, we show how it can easily be turned into a well-founded ordering containing Jean-Pierre Jouannaud and Albert Rubio's higher-order recursive path ordering. This provides a simple way to extend this ordering to richer type disciplines. However, its definition as the closure by context of another relation is not completely satisfactory, all the more so since one wants to combine it with the accessibility ordering. We should therefore try to find a new definition of HORPO that nicely integrates the notions of computability closure and accessibility ordering in order to capture definitions on higher-order data types (data types with constructors having functional recursive arguments).